The Importance of Software Bill-of-Materials (SBOMs) | ITSPmagazine Event Coverage: RSAC 2023 San Francisco, USA | A Conversation with Allan Friedman

Guest: Allan Friedman, Senior Advisor and Strategist at CISA [@CISAgov]

On LinkedIn | https://www.linkedin.com/in/allanafriedman/

On Twitter | https://twitter.com/allanfriedman

____________________________

Host:

Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

____________________________

This Episode’s Sponsors

BlackCloak | https://itspm.ag/itspbcweb

Brinqa | https://itspm.ag/brinqa-pmdp

SandboxAQ | https://itspm.ag/sandboxaq-j2en

____________________________

Episode Notes

Welcome to the latest episode of the Redefining Cybersecurity podcast with Sean Martin. In this episode, Sean talks about the upcoming RSA Conference in San Francisco, which promises to be an eventful one with a lot of topics, one of which is the software bill of materials (SBOM). Sean recently came across a tweet by Allan Friedman, a senior advisor and strategist at the Cybersecurity and Infrastructure Security Agency (CISA), about his hope to speak at RSA on SBOMs. In this episode, Sean invites Allan to discuss what prompted him to put that tweet up and how things have transitioned in the last few years.

According to Sean, Allan and his team's work has played a significant role in pushing the software community to take action and to make some progress on SBOMs. During this episode, Allan shares his journey into CISA, his work before on coordinated vulnerability disclosure, and how the government can help create better markets for security. He also shares his perspective on how the proliferation of APIs and microservices has taken off in recent years and how the SBOM concept has become more relevant than ever.

If you're interested in learning more about SBOMs and how they can help organizations mitigate security risks and vulnerabilities, then you don't want to miss this episode. So make sure you subscribe to Redefining Cybersecurity Podcast on your favorite platform and share this episode with your colleagues and friends.

____________________________

Resources

Supply Chain Integrity Month: https://www.cisa.gov/supply-chain-integrity-month

"Scaling Software Supply Chain Source Security in Large Enterprises" session: https://www.rsaconference.com/usa/agenda/session/Scaling%20Software%20Supply%20Chain%20Source%20Security%20in%20Large%20Enterprises

"The World on SBOMs" session: https://www.rsaconference.com/usa/agenda/session/The%20World%20on%20SBOMs

"The Opposite of Transparency" session: https://www.rsaconference.com/usa/agenda/session/The%20Opposite%20of%20Transparency

28 sessions on Supply Chain: https://www.rsaconference.com/usa/agenda/full-agenda#q=supply%20chain&t=agenda-upcoming-tab&numberOfResults=50

22 sessions on Open Source: https://www.rsaconference.com/usa/agenda/full-agenda#q=open%20source&t=agenda-upcoming-tab&numberOfResults=25

Learn more, explore the agenda, and register for RSA Conference: https://itspm.ag/rsa-cordbw

____________________________

For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage

Are you interested in telling your story in connection with RSA Conference by sponsoring our coverage?

👉 https://itspm.ag/rsac23sp

Are you interested in sponsoring an ITSPmagazine Channel?

👉 https://www.itspmagazine.com/podcast-series-sponsorships

To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:

https://www.itspmagazine.com/redefining-cybersecurity-podcast

Be sure to share and subscribe!

Release date

Lydbog: 11. april 2023